upstream my_nodejs_upstream { server localhost:3332; keepalive 64; } # O servidor não vai responder via IP server { listen 80 default_server; server_name _; return 404; } # Redireciona para HTTPS server { listen 80; listen [::]:80; server_name seu_site_aqui.com.br www.seu_site_aqui.com.br; client_max_body_size 512M; return 301 https://$host$request_uri; } # HTTPS server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name seu_site_aqui.com.br www.seu_site_aqui.com.br; # O servidor só vai responder pra este domínio #if ($host != "seu_site_aqui.com.br" || $host != "www.seu_site_aqui.com.br") { # return 404; #} ssl_certificate /etc/letsencrypt/live/seu_site_aqui.com.br/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/seu_site_aqui.com.br/privkey.pem; # managed by Certbot ssl_trusted_certificate /etc/letsencrypt/live/seu_site_aqui.com.br/chain.pem; # Improve HTTPS performance with session resumption ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; # Enable server-side protection against BEAST attacks ssl_prefer_server_ciphers on; ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5; # Disable SSLv3 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Diffie-Hellman parameter for DHE ciphersuites # $ sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096 ssl_dhparam /etc/ssl/certs/dhparam.pem; # Enable HSTS (https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security) add_header Strict-Transport-Security "max-age=63072000; includeSubdomains"; # Enable OCSP stapling (http://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox) ssl_stapling on; ssl_stapling_verify on; resolver 8.8.8.8 8.8.4.4 valid=300s; resolver_timeout 5s; client_max_body_size 512M; # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html index.php; #location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. #try_files $uri /index.html; #} # Código que corrigi o error 404 do nginx + nextjs arquivos statics location ~ ^/_next/static/(.*)$ { root /diretorio_do_seu_projeto_nextjs/.next; try_files "/static/$1" "/server/static/$1" @proxy_pass; } location / { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_pass http://localhost:3000/; proxy_redirect off; proxy_read_timeout 240s; } location /api/ { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_pass http://my_nodejs_upstream/; proxy_redirect off; proxy_read_timeout 240s; } location /phpmyadmin { root /usr/share/; index index.php index.html index.htm; } location ~ ^/phpmyadmin/(.+\.php)$ { try_files $uri =404; root /usr/share/nginx/html/; fastcgi_pass unix:/run/php/php7.4-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include /etc/nginx/fastcgi_params; } location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { root /usr/share/nginx/html/; } location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/run/php/php7.4-fpm.sock; } location = /favicon.ico { access_log off; log_not_found off; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~ /\.ht { deny all; } location ~ /\. { access_log off; log_not_found off; deny all; } gzip on; gzip_disable "msie6"; gzip_comp_level 6; gzip_min_length 1100; gzip_buffers 4 32k; gzip_proxied any; gzip_types text/plain text/css text/js text/xml text/javascript application/javascript application/x-javascript application/json application/xml application/rss+xml image/svg+xml; access_log off; #access_log /var/log/nginx/seu_site_aqui.com.br-access.log; error_log /var/log/nginx/seu_site_aqui.com.br-error.log; }